You're free to know what's in the beer, you're free to enjoy and use the beer, and you're free to give away the beer, but, the moment you want to duplicate that beer that's an issue. Again, I don't like to group Open-Source with Libre-Source, and Open-Audit, and all the other ways you can express the licensing / source model.

I think the best thing we can do is to stop over extending Open-Source, it's being misused a thousand ways, and causing more confusion than it's worth. I believe in Open-Source, and Open-Audit, but there's nothing with wanting to charge for the service.

I think age verification at the OS level is a good idea, if it's implemented in a safe, offline, private way. I've explained my idea a few times using two enclaves to perform pattern matches, which I won't get into. The reality is some services should know your age, if a clerk at the convince store can tell if you're 18 before you buy a rub-and-tug magazine, or beer, why can't OnlyFans, or Fetlife?

Let me be clear, I'm talking about sensible, offline, secure, and private age verification. The system will know you're between 18-30, or 30-45, or some other bracket, and not know how old explicitly you are.

Stallman won't mind, he's always said Open Source is free, as in beer. We have to stop associating Open Source with Libre Source, since giving your software out for free, is different from publishing the source code. I've said many times I support Open Source, but I don't think you have to give your work away from free, you have every right to charge, but the user has the right to verify.

I probably give LibreOffice more money in donations a year, than a basic MS 365 license would cost me, and that's fine because I like the product, and the mission. There are plenty of Open-Source products I use, that I donate to because being Open Source does not mean you're Libre Source. Open Source is about being accountable, verifiable, autiable, trustable, not ripped off and abused, and that's where the problem is.

I like to break the terms down, so I'll say: "Open-Source", "Open-Audit", and "Free", as three different statements. You could be "Open-Audit", and "Closed-Source". You could be "Closed-Audit", and "Open-Source", but charge for the software, there's nothing wrong with that. We need to stop mixing terms together, to spite how they may have been used in the past.

How are you going to make this work? Instead of focusing on single product age verification, why not make a stable, offline, and secure age validation system, and then be able to tell to the battery, for instance you're old enough? I still don't think it's a good idea, but trying to build out a separate infrastructure to verify / validate something like this is stupid.

I've run over 100 Linux servers, and the number of issues that weren't my incredible incompetence, not zero, not very low. I'll be fair, I've run a couple of dozen Windows server, and it's not 100% for issues, but it's most of them. Furthermore, I've seen a server change its own group policy settings, a few times. I've never seen a Linux server, change it's sysctl, ever.

That's hilarious and true, like what does enabling a "Don't allow" for "Block and Restrict" do? Every single option I had to copy into DuckDuckGO and read what it actually did, and what the settings meant. It's not a case where the setting is confusing because I'm an idiot, it's confusing because it's written poorly. Contrast group policy to sysctl config, it's night and day.

The bigger issue I have with group policy, if so many of the options should be enabled by default, why aren't they? Policy for security and auditing should be opt-out, not opt-in, and even if they did want it opt-in, make it easy and clear to enable. How many hundreds of options could be enabled by default? I've turned a metric crap load of option on since November 2025, and no one has complained, so clearly they should be on, so why aren't they?

Intune and Defender for Endpoint will tell you dozens of options that should be enabled... WHAT?! Wait so Microsoft knows they should be on, but didn't turn them on, but want you to turn them on, but don't tell you to turn them on, unless you pay, and run a complex system of enrolment? At least when it's complaining about Linux setting in sysctl, they're dealing with outlier extra tinfoil accent style setting, not fundamental the system is a screen door slamming against a broken jam at the slightest gust of wind setting.

I can't support that, let's assume Windows is a quality OS, if they want to show off that quality, you need to show it off, not leave it to some end user to configure, tweak, adjust, enforce, and then see the hidden quality. The options are baked in, and clearly they know what should be enabled, just enrol with Intune or Defender for Endpoint, and it will tell you that those setting should be enabled. If they know they should be, why aren't they?

That's not my concern, if hardware problems are causing OS level problems, the OS just isn't ready for mainstream deployment. Maybe Microsoft has to call out certain companies, publicly, like Linus did / does, but that's Microsoft's job.

Ya, it's a difficult question, but in any case the girls get a say in how their likeness is used.

Yes, yes it is, Windows is a terrible operating system, and we need to keep reinforcing that, so we don't normalize crap.

Funny thing, I did, it's on a Raspberry Pi, but my mother doesn't like it because the touch controls are different, and she has to use a SD card.

I've posted many times about the issue I constantly face on Windows, not only on my machine, but fleet wide.

I was configuring group policy yesterday, all day, and the number of things that are either active or not restricted, is mind-blowing. Page after page of options that should be "Block - Enabled", or, "Security Enabled", by default, that you need to go in and set enabled, why? The number of options of protocols, encryption, caching, temping files, and so on, that should be blocked by default, again, head shaking. There are a few policies to prevent exposing your user details and notification on a lock screen, WTF? Why aren't those off by default?

I can understand that you might want those settings on, so, turn them on. Why not start with a reasonably secure baseline, and allow the user to pick what they want? Don't go full on bunker isolation mode, you'd already be running Qubes OS if you wanted that, just sensible, reasonable, medium security.

After all the stuff I've changed since November 2025, zero users have complained, which means all the settings should have been restrictive by default.

I can kind of support the cost argument Windows Server is expensive, but it's also bloated, and slow. I can count on zero hands the number of times I've wanted a GUI on a server, zero. I want my servers to serve things, not spend resources on the server OS, and I really can't afford for the servers to update, and become unresponsive, which is a known and accepted issue on Windows. The other reality most servers run a Unix or Linux variant, if Windows was ready for the server room, it would have the server room, and it's failed.

It's more important to us, they understand the real-world risks, and decide based off that. We still need to discuss things, but ultimately at their age, they'll do what they want, and so the best course is to educate them.

Windows is an unstable, insecure cluster bleep of an operating system, we know this! There's a reason you don't use Windows on servers, or IoT, when things have to work. When it comes to the other points, Windows is a cybersecurity nightmare on steroids, for multiple reasons.

1. It's a general use OS meant for idiots who think there is a literal "any" key.
2. It's backwards compatible, which means it supports sloppy, messy, unprofessional, rush, hacked, amateur crap.
3. The design is functionally a mess, have you tried setting group policy? Have you tried locking down the kernel, or user space?
4. The updates are a gamble, can you risk running them?
5. It lacks a proper firewall subsystem.
6. It lacks proper domain isolation.
7. It's online first, and accept all connection is doomed to cause problems.

Do I have to keep going? I'm going to say this again, professionals don't use Windows. Windows is not a suitable operating system when you have to get work done, care, be production, or competent.

If you ask a Linux / Unix admin to lock down a server, dear lord, that thing will be locked tighter than a nun's nasty. It will be a tinfoil wrapped masterpiece of paranoid rejection, in all its glory and beauty. If you ask a Windows admin to lock down a server, in the best case there's a still a screen door slamming again the jam, and Microsoft has enough backdoors to mitigate any attempt.

Let's assume one of the daughters consented on the spot, they would know they had, and would just tell us, problem solved. There is a problem when you consider if a child should be able to consent, not from a legal standpoint, from an education standpoint. My daughters know the dangers, I live in cybersecurity, they haven't been spared from reality. They know when the picture goes up, it's up, you can't get it back, just assume it gone forever, to be misused by anyone for any reason.

I like the Seinfeld reference :) - Just assume you have no consent, from anyone, and seek it out every time. I know it would be a lot of work, and represent an amount of effort as to not make social media worthwhile, but, it saves you from any risk. If you have a list of emails from parents with a Yes / No, then you can show you had consent, and the issue later on is mitigated.

How's that messed up? The girls don't want their pictures sitting on a digital subscription-based frame, and I can't blame them. They've offered to be a still picture for her, but they don't want to be uploaded into the cloud for no reason. I also don't withhold her being able to come over, or stop us from going to see her, so there just isn't a good reason to submit to digital violation because my mother wants them to.